<?php
	session_start();
	require_once("../db_connect.php");

	$db = DB::connect($dsn);	//DBへ接続する
	if (PEAR::isError($db)) {	//DBの接続に失敗すればここでエラー文を出力
		die($db->getMessage("aho"));
	}

	$login_id  = htmlspecialchars($_POST['id'],ENT_QUOTES,"UTF-8");
	$password   = htmlspecialchars($_POST['pass'],ENT_QUOTES,"UTF-8");
	$user_name = "";
	$user_pass = "";

	if(array_key_exists("user_name",$_SESSION)?true:false){
		$_SESSION = array();
	}

	$sql = "SELECT *
			FROM user
			WHERE login_id = ?
			LIMIT 0 , 30";

	$res =& $db->query($sql,$login_id);
	if (PEAR::isError($res)) {
	    die($res->getMessage());
	}

	while ($row =& $res->fetchRow(DB_FETCHMODE_ASSOC)) {
	    $user_name = $row['family_name'].$row['given_name'];
	    $user_id = $row['user_id'];
	    $user_pass = $row['password'];
	    $user_nick_name = $row['nick_name'];
	}

	if (PEAR::isError($res)) {			//SQLの実行に失敗すればここでエラー文を出力
		die($res->getMessage("aho"));
	}

	if($user_name){
		if($password == $user_pass){
			$_SESSION["user_name"] = $user_name;
			$_SESSION["user_id"] = $user_id;
			$_SESSION['nick_name'] = $user_nick_name;
		}else{
			$_SESSION["error"] = "パスワードが間違っています。";
		}
	}else{
		$_SESSION["error"] = "ユーザ名が間違っています。";
	}

	header("Location: ".$_SERVER['HTTP_REFERER']);